Re: Inbound Protection

Re: Inbound Protection

<blockquote><hr>Oldsod wrote:
Check out the Firewall and Program Logs found in the Log Viewer of the Alerts and Logs.
Oldsod.
<hr></blockquote>
Yes, just where you said it would be :-), thanks Oldsod. It shows that it was blocking **bleep**.com. Shouldn't it be allowing my Antivirus to phone home, or is there something suspicious about the destinations it was trying to go to? Thanks again :-)

Re: Inbound Protection

I can see outgoing ICMP Type 8 listed for every one of the events.
Haven't bothered to check the actual destinations, but the destinations/IP/addresses should not be a factor in the blocked events.

ICMP Type 8 is Echo Request for the puposes of pinging is usually set to be allowed for only outgoing, along with allowing incoming ICMP Type 0 (Echo Reply). This is the normal arrangement for the home user with home PCs and not involved with a server or such.

Basically your antivirus is attempting to "ping" the home servers to attempt or establish connections and the ZA is always blocking. Once the servers are replying with ICMP Echo Reply back, then the usual TCP connections will begin.

Now comes a few questions.

Are the DNS servers listed as Trusted in the Zones in the Firewall of the ZA?
Are the DHCP (default gateway) listed as Trusted in the Zones?
Does the generic host process (svchost.exe) have both trusted and internet access and trusted server allowed?
Is the Trusted Zone Security Zone set at Medium?
Are the antivirus's updaters listed with trusted and internet access and trusted server?

Re: Inbound Protection

Excellent response Oldsod, excellent information, and questions you asked. :-) Thanks for the time and effort you put into your response, I've learned from you, and will learn more as I look into answering your questions, and checking my settings and configurations. Well done, thanks again :-)

Re: Inbound Protection

Once the previous set of questions in the above reply are followed through, lets us then see if the blocked events still are occuring.
This may fix things and get it correct, but if not then we shall continue into other directions.